program:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0xff}, 0x7}, 0x1c)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x6}, &(0x7f00000000c0)=0xc)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x4, 0x1000000, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0x7}]}}]}, 0x40}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r7=>0xffffffffffffffff})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r8, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x3c, r9, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r13=>0x0})
lsetxattr$trusted_overlay_nlink(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380)={'U-', 0x80000000}, 0x16, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(r12, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x50, r11, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r13}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee33908f8eef16f162471f4"}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x50}}, 0x0)

[   91.348384][ T5299] Bluetooth: hci0: command tx timeout
[   91.625787][ T5321] ------------[ cut here ]------------
[   91.628640][ T5321] !chanctx_conf
[   91.628652][ T5321] WARNING: net/mac80211/rate.c:53 at rate_control_rate_init+0x64a/0x6e0, CPU#0: syz.0.0/5321
[   91.634889][ T5321] Modules linked in:
[   91.636790][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   91.640964][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   91.645065][ T5321] RIP: 0010:rate_control_rate_init+0x64a/0x6e0
[   91.647677][ T5321] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 c2 da a4 f6 90 0f 0b 90 eb e1 e8 b7 da a4 f6 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00
[   91.655445][ T5321] RSP: 0018:ffffc90004bf6f48 EFLAGS: 00010283
[   91.658254][ T5321] RAX: ffffffff8b20c0b9 RBX: ffff888032fac000 RCX: 0000000000100000
[   91.661695][ T5321] RDX: ffffc90020001000 RSI: 0000000000000378 RDI: 0000000000000379
[   91.665254][ T5321] RBP: 0000000000000000 R08: ffffffff8b20bbd3 R09: ffffffff8e7602e0
[   91.668796][ T5321] R10: dffffc0000000000 R11: ffffed10065f5831 R12: 1ffff110065f580a
[   91.673096][ T5321] R13: ffff88803fe18e80 R14: 0000000000000001 R15: ffffffff8b20bbd3
[   91.677752][ T5321] FS:  00007fa8ad4f06c0(0000) GS:ffff88808ca59000(0000) knlGS:0000000000000000
[   91.682803][ T5321] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   91.686002][ T5321] CR2: 0000200000001080 CR3: 000000001f76b000 CR4: 0000000000352ef0
[   91.689595][ T5321] Call Trace:
[   91.691262][ T5321]  <TASK>
[   91.692886][ T5321]  rate_control_rate_init_all_links+0x109/0x1a0
[   91.696130][ T5321]  sta_apply_auth_flags+0x1c2/0x400
[   91.698663][ T5321]  sta_apply_parameters+0xea9/0x1620
[   91.701000][ T5321]  ieee80211_add_station+0x424/0x6a0
[   91.703346][ T5321]  rdev_add_station+0xfc/0x2c0
[   91.705400][ T5321]  nl80211_new_station+0x1864/0x1d30
[   91.707766][ T5321]  ? trace_contention_end+0x3d/0x150
[   91.710201][ T5321]  ? __pfx_nl80211_new_station+0x10/0x10
[   91.712831][ T5321]  ? __rtnl_unlock+0xc8/0xf0
[   91.715013][ T5321]  ? nl80211_pre_doit+0x4f1/0x930
[   91.717408][ T5321]  genl_family_rcv_msg_doit+0x22a/0x330
[   91.719762][ T5321]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   91.722483][ T5321]  ? bpf_lsm_capable+0x9/0x20
[   91.724549][ T5321]  ? security_capable+0x7e/0x2c0
[   91.726840][ T5321]  genl_rcv_msg+0x61c/0x7a0
[   91.728982][ T5321]  ? __pfx_genl_rcv_msg+0x10/0x10
[   91.731190][ T5321]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   91.733618][ T5321]  ? __pfx_nl80211_new_station+0x10/0x10
[   91.736230][ T5321]  ? __pfx_nl80211_post_doit+0x10/0x10
[   91.739095][ T5321]  ? __lock_acquire+0x6b5/0x2cf0
[   91.742348][ T5321]  netlink_rcv_skb+0x232/0x4b0
[   91.744633][ T5321]  ? __pfx_genl_rcv_msg+0x10/0x10
[   91.746905][ T5321]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   91.749346][ T5321]  ? down_read+0x272/0x2e0
[   91.751355][ T5321]  ? genl_rcv+0xd/0x40
[   91.753116][ T5321]  genl_rcv+0x28/0x40
[   91.754698][ T5321]  netlink_unicast+0x80f/0x9b0
[   91.756732][ T5321]  ? __pfx_netlink_unicast+0x10/0x10
[   91.759419][ T5321]  ? netlink_sendmsg+0x650/0xb40
[   91.761658][ T5321]  ? skb_put+0x11b/0x210
[   91.763722][ T5321]  netlink_sendmsg+0x813/0xb40
[   91.765770][ T5321]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.768138][ T5321]  ? aa_sock_msg_perm+0xf1/0x1b0
[   91.770334][ T5321]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   91.772464][ T5321]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.774752][ T5321]  ____sys_sendmsg+0xa68/0xad0
[   91.776894][ T5321]  ? futex_unqueue+0x211/0x240
[   91.779100][ T5321]  ? __pfx_____sys_sendmsg+0x10/0x10
[   91.781456][ T5321]  ? import_iovec+0x73/0xa0
[   91.783653][ T5321]  ___sys_sendmsg+0x2a5/0x360
[   91.785848][ T5321]  ? __pfx____sys_sendmsg+0x10/0x10
[   91.788307][ T5321]  ? futex_wait+0x29a/0x380
[   91.790489][ T5321]  ? __fget_files+0x2a/0x420
[   91.792594][ T5321]  ? __fget_files+0x3a0/0x420
[   91.794756][ T5321]  __x64_sys_sendmsg+0x1bd/0x2a0
[   91.796933][ T5321]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   91.799479][ T5321]  ? rcu_is_watching+0x15/0xb0
[   91.801835][ T5321]  do_syscall_64+0x14d/0xf80
[   91.804031][ T5321]  ? trace_irq_disable+0x3b/0x150
[   91.806272][ T5321]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.809147][ T5321]  ? clear_bhb_loop+0x40/0x90
[   91.811135][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.813662][ T5321] RIP: 0033:0x7fa8ac59c799
[   91.815689][ T5321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   91.823828][ T5321] RSP: 002b:00007fa8ad4f0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.827517][ T5321] RAX: ffffffffffffffda RBX: 00007fa8ac815fa0 RCX: 00007fa8ac59c799
[   91.830835][ T5321] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 000000000000000a
[   91.834337][ T5321] RBP: 00007fa8ac632bd9 R08: 0000000000000000 R09: 0000000000000000
[   91.838094][ T5321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.841607][ T5321] R13: 00007fa8ac816038 R14: 00007fa8ac815fa0 R15: 00007ffd5fd5ae18
[   91.845271][ T5321]  </TASK>
[   91.846696][ T5321] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   91.850084][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   91.854239][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   91.858658][ T5321] Call Trace:
[   91.860205][ T5321]  <TASK>
[   91.861613][ T5321]  vpanic+0x56c/0xa60
[   91.863496][ T5321]  ? __pfx__printk+0x10/0x10
[   91.865569][ T5321]  ? __pfx_vpanic+0x10/0x10
[   91.867580][ T5321]  ? is_bpf_text_address+0x292/0x2b0
[   91.869936][ T5321]  ? is_bpf_text_address+0x26/0x2b0
[   91.872142][ T5321]  panic+0xc5/0xd0
[   91.873805][ T5321]  ? __pfx_panic+0x10/0x10
[   91.875851][ T5321]  __warn+0x315/0x4f0
[   91.877640][ T5321]  ? rate_control_rate_init+0x64a/0x6e0
[   91.880033][ T5321]  ? rate_control_rate_init+0x64a/0x6e0
[   91.882560][ T5321]  __report_bug+0x29a/0x540
[   91.884623][ T5321]  ? lockdep_hardirqs_on+0x7a/0x110
[   91.886958][ T5321]  ? rate_control_rate_init+0x64a/0x6e0
[   91.889443][ T5321]  ? __pfx___report_bug+0x10/0x10
[   91.891672][ T5321]  ? __lock_acquire+0x6b5/0x2cf0
[   91.894014][ T5321]  ? __lock_acquire+0x6b5/0x2cf0
[   91.896208][ T5321]  ? rate_control_rate_init+0x64a/0x6e0
[   91.898651][ T5321]  report_bug+0x16a/0x220
[   91.900551][ T5321]  ? rate_control_rate_init+0x64a/0x6e0
[   91.903020][ T5321]  ? rate_control_rate_init+0x64c/0x6e0
[   91.905483][ T5321]  handle_bug+0x98/0x200
[   91.907220][ T5321]  exc_invalid_op+0x1a/0x50
[   91.909185][ T5321]  asm_exc_invalid_op+0x1a/0x20
[   91.911151][ T5321] RIP: 0010:rate_control_rate_init+0x64a/0x6e0
[   91.913857][ T5321] Code: 82 01 00 00 20 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 c2 da a4 f6 90 0f 0b 90 eb e1 e8 b7 da a4 f6 90 <0f> 0b 90 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 90 00 00 00
[   91.922121][ T5321] RSP: 0018:ffffc90004bf6f48 EFLAGS: 00010283
[   91.925026][ T5321] RAX: ffffffff8b20c0b9 RBX: ffff888032fac000 RCX: 0000000000100000
[   91.928624][ T5321] RDX: ffffc90020001000 RSI: 0000000000000378 RDI: 0000000000000379
[   91.932159][ T5321] RBP: 0000000000000000 R08: ffffffff8b20bbd3 R09: ffffffff8e7602e0
[   91.935805][ T5321] R10: dffffc0000000000 R11: ffffed10065f5831 R12: 1ffff110065f580a
[   91.939478][ T5321] R13: ffff88803fe18e80 R14: 0000000000000001 R15: ffffffff8b20bbd3
[   91.943082][ T5321]  ? rate_control_rate_init+0x163/0x6e0
[   91.945607][ T5321]  ? rate_control_rate_init+0x163/0x6e0
[   91.948046][ T5321]  ? rate_control_rate_init+0x649/0x6e0
[   91.950438][ T5321]  ? rate_control_rate_init+0x649/0x6e0
[   91.952886][ T5321]  rate_control_rate_init_all_links+0x109/0x1a0
[   91.955508][ T5321]  sta_apply_auth_flags+0x1c2/0x400
[   91.957760][ T5321]  sta_apply_parameters+0xea9/0x1620
[   91.960039][ T5321]  ieee80211_add_station+0x424/0x6a0
[   91.962446][ T5321]  rdev_add_station+0xfc/0x2c0
[   91.964638][ T5321]  nl80211_new_station+0x1864/0x1d30
[   91.967041][ T5321]  ? trace_contention_end+0x3d/0x150
[   91.969377][ T5321]  ? __pfx_nl80211_new_station+0x10/0x10
[   91.971672][ T5321]  ? __rtnl_unlock+0xc8/0xf0
[   91.973596][ T5321]  ? nl80211_pre_doit+0x4f1/0x930
[   91.975700][ T5321]  genl_family_rcv_msg_doit+0x22a/0x330
[   91.978029][ T5321]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   91.980564][ T5321]  ? bpf_lsm_capable+0x9/0x20
[   91.982568][ T5321]  ? security_capable+0x7e/0x2c0
[   91.984637][ T5321]  genl_rcv_msg+0x61c/0x7a0
[   91.986622][ T5321]  ? __pfx_genl_rcv_msg+0x10/0x10
[   91.988953][ T5321]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   91.991410][ T5321]  ? __pfx_nl80211_new_station+0x10/0x10
[   91.993944][ T5321]  ? __pfx_nl80211_post_doit+0x10/0x10
[   91.996462][ T5321]  ? __lock_acquire+0x6b5/0x2cf0
[   91.998742][ T5321]  netlink_rcv_skb+0x232/0x4b0
[   92.000927][ T5321]  ? __pfx_genl_rcv_msg+0x10/0x10
[   92.003130][ T5321]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   92.005522][ T5321]  ? down_read+0x272/0x2e0
[   92.007600][ T5321]  ? genl_rcv+0xd/0x40
[   92.009485][ T5321]  genl_rcv+0x28/0x40
[   92.011308][ T5321]  netlink_unicast+0x80f/0x9b0
[   92.013496][ T5321]  ? __pfx_netlink_unicast+0x10/0x10
[   92.015870][ T5321]  ? netlink_sendmsg+0x650/0xb40
[   92.018089][ T5321]  ? skb_put+0x11b/0x210
[   92.020093][ T5321]  netlink_sendmsg+0x813/0xb40
[   92.022219][ T5321]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.024579][ T5321]  ? aa_sock_msg_perm+0xf1/0x1b0
[   92.026715][ T5321]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   92.028985][ T5321]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.031249][ T5321]  ____sys_sendmsg+0xa68/0xad0
[   92.033343][ T5321]  ? futex_unqueue+0x211/0x240
[   92.035413][ T5321]  ? __pfx_____sys_sendmsg+0x10/0x10
[   92.037757][ T5321]  ? import_iovec+0x73/0xa0
[   92.039762][ T5321]  ___sys_sendmsg+0x2a5/0x360
[   92.041855][ T5321]  ? __pfx____sys_sendmsg+0x10/0x10
[   92.044228][ T5321]  ? futex_wait+0x29a/0x380
[   92.046227][ T5321]  ? __fget_files+0x2a/0x420
[   92.048218][ T5321]  ? __fget_files+0x3a0/0x420
[   92.050224][ T5321]  __x64_sys_sendmsg+0x1bd/0x2a0
[   92.052315][ T5321]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   92.054726][ T5321]  ? rcu_is_watching+0x15/0xb0
[   92.056872][ T5321]  do_syscall_64+0x14d/0xf80
[   92.058966][ T5321]  ? trace_irq_disable+0x3b/0x150
[   92.061196][ T5321]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.063799][ T5321]  ? clear_bhb_loop+0x40/0x90
[   92.065899][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.068519][ T5321] RIP: 0033:0x7fa8ac59c799
[   92.070492][ T5321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   92.078851][ T5321] RSP: 002b:00007fa8ad4f0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.082498][ T5321] RAX: ffffffffffffffda RBX: 00007fa8ac815fa0 RCX: 00007fa8ac59c799
[   92.085847][ T5321] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 000000000000000a
[   92.089115][ T5321] RBP: 00007fa8ac632bd9 R08: 0000000000000000 R09: 0000000000000000
[   92.092563][ T5321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.096056][ T5321] R13: 00007fa8ac816038 R14: 00007fa8ac815fa0 R15: 00007ffd5fd5ae18
[   92.099513][ T5321]  </TASK>
[   92.101245][ T5321] Kernel Offset: disabled
[   92.103166][ T5321] Rebooting in 86400 seconds..